Linux Command Line Operations

You must run all commands with root privileges.

Start, Stop, or Restart Tenable Nessus Network Monitor

Action Command to Manage Tenable Nessus Network Monitor

Start

# service nnm start

then

# ps aux|grep nnm

Stop

# service nnm stop

Restart

# service nnm restart

Once a day, as scheduled, if Tenable Security Center has received new Tenable Nessus Network Monitor plugins from TenableĀ®, it installs them in the Tenable Nessus Network Monitor plugin directory. Tenable Nessus Network Monitor detects the change, automatically reloads, and begins using the new plugins.

Real-time Tenable Nessus Network Monitor data is communicated to the configured Tenable Log Correlation Engine server or Syslog server(s) in real-time.

Configure HugePages

Before You Begin

These steps assume that your system meets the System Requirements necessary for running Tenable Nessus Network Monitor in High Performance mode.

To configure HugePages:

  1. Ensure your HugePages settings are correct by using the following command:

    # grep Huge /proc/meminfo

    AnonHugePages: 0kB

    HugePages_Total: 1024

    HugePages_Free: 1024

    HugePages_Rsvd: 0

    HugePages_Surp: 0

    Hugepagesize: 2048kB

    The Hugepagesize parameter is set to 2048 kB by default, but this option is configurable. Tenable Nessus Network Monitor requires a minimum of 1024 HugePages that are at least 2048 kB in size.

    Note: In some cases, the HugePages_Free parameter may be set to 0, however, this does not necessarily indicate insufficient HugePage memory.

  2. Reserve a certain amount of memory to be used as HugePages by using the following command to update the kernel parameter manually:

    /bin/echo 1024 > /sys/devices/system/node/node0/hugepages/hugepages-2048kB/nr_hugepages

    The number of HugePages reserved by the kernel changes to 1024, and HugePages become available.

    Note: If the kernel does not have enough memory available to satisfy this request, the command may fail without notifying the user. After running this command, the HugePages configuration should be checked again using the command in step 1.

  3. To ensure that your HugePages configuration persists across system reboots, refer to the following section that corresponds to your Linux kernel version.

    CentOS 6

    Update the persistent kernel configuration files using one of the following commands:

    In the /etc/sysctl.conf file, add the vm.nr_hugepages=1024 parameter and reload the kernel configuration with the sysctl -p command. Alternatively, you can reboot the system.

    -or-

    In the /etc/grub.conf file, on the kernel startup line, add the hugepages=1024 parameter and reboot the system.

    CentOS 7, 8

    Update the persistent kernel configuration files using one of the following commands:

    In the /etc/sysctl.conf file, add the vm.nr_hugepages=1024 parameter and reload the kernel configuration with the sysctl -p command. Alternatively, you can reboot the system.

    -or-

    In the /etc/sysconfig/grub file, on the kernel startup command (GRUB_CMDLINE_LINUX), add the hugepages=1024 parameter. Reload the kernel configuration with the grub2-mkconfig -o /etc/grub2 command and reboot the system.

  4. Connect the file system to the HugePages subsystem using the following steps:

    1. Execute the /bin/mkdir -p /mnt/nnm_huge command.

    2. Execute the /bin/mount -t hugetlbfs nodev /mnt/nnm_huge command.

    3. Additionally, open the /etc/fstab file location and add the following record:

      nodev /mnt/nnm_huge hugetlbfs rw 0 0

File Locations

Tenable Nessus Network Monitor installs its files in the following locations:

Path

Purpose

/opt/nnm

Base directory.

/opt/nnm/bin

Location of the NNM and Tenable Nessus Network Monitor Proxy executables, plus several helper tools for the Tenable Nessus Network Monitor Proxy daemon.

/opt/nnm/docs

Contains the software license agreement for Tenable Nessus Network Monitor.

/opt/nnm/var

Contains the folders for Tenable Nessus Network Monitor and the Tenable Nessus Network Monitor-Proxy.

/opt/nnm/var/nnm

Contains plugins, discovered vulnerabilities, log files, keys, and other miscellaneous items.

db

Contains the database files related to the configuration, reports, and users for Tenable Nessus Network Monitor.

kb

Stores the Tenable Nessus Network Monitor knowledge base, if used.

logs

Contains Tenable Nessus Network Monitor logs.

plugins

Contains the Tenable Nessus Network Monitor plugins delivered via Tenable Security Center, Tenable Vulnerability Management, the Tenable Nessus Network Monitor Feed, or updated via the command line or web interface if Tenable Nessus Network Monitor is running in Offline mode.

Note: If Tenable Security Center is used to manage the plugins, do not change this path from the default /opt/nnm/var/nnm.

nnm-services

A file Tenable Nessus Network Monitor uses to map service names to ports. This file may be edited by the user. Plugin updates do not overwrite modifications to the file.

reports

Contains reports generated by Tenable Nessus Network Monitor. This folder contains the .nessus file generated by default.

scripts

Contains the files for the Tenable Nessus Network Monitor Web server.

ssl

Contains SSL certificates used by the proxy and web server for the SSL connection between itself and Tenable Security Center or the web browser.

users

Contains folders for user files and reports.

www

Contains the files for the Tenable Nessus Network Monitor web front-end.

/opt/nnm/var/nnm-proxy

Parent folder for files used/created by the Tenable Nessus Network Monitor proxy.

logs

Contains the Tenable Nessus Network Monitor proxy and Tenable Nessus Network Monitor proxy service logs.